oneos-v5/backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

新增 user 模块

Browse Source 
调整新的项目结构,将 service 和 dao 模块,从 application 拆除,独立成 service-impl 模块
增加 sdk 模块,用于提供一个封装过的功能。例如说,认证和授权~
This commit is contained in:
YunaiV
2019-02-25 18:20:30 +08:00
parent 2523f8b616
commit 4ae211dbc2
64 changed files with 2063 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
user/user-sdk/pom.xml Normal file
View File

@@ -0,0 +1,59 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>user</artifactId>
<groupId>cn.iocoder.mall</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>user-sdk</artifactId>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>5.1.5.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.1.5.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.1.5.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>dubbo</artifactId>
<version>2.6.5</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>common-framework</artifactId>
<version>1.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>user-service-api</artifactId>
<version>1.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
</dependencies>
</project>

14
user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/annotation/PermitAll.java Normal file
View File

@@ -0,0 +1,14 @@
package cn.iocoder.mall.user.sdk.annotation;
import java.lang.annotation.*;
/**
* URL 是否允许所有都可访问。即用户不登陆,就可以访问指定 URL 。
*
* 例如说,注册接口,用户是不需要登陆,就可以访问的。
*/
@Documented
@Target({ElementType.METHOD}) // ElementType.TYPE 暂时不支持类级别。为了减少判断,略微提升性能。
@Retention(RetentionPolicy.RUNTIME)
public @interface PermitAll {
}

18
user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/context/SecurityContext.java Normal file
View File

@@ -0,0 +1,18 @@
package cn.iocoder.mall.user.sdk.context;
/**
* Security 上下文
*/
public class SecurityContext {
private final Long uid;
public SecurityContext(Long uid) {
this.uid = uid;
}
public Long getUid() {
return uid;
}
}

30
user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/context/SecurityContextHolder.java Normal file
View File

@@ -0,0 +1,30 @@
package cn.iocoder.mall.user.sdk.context;
/**
* {@link SecurityContext} Holder
*
* 参考 spring security 的 ThreadLocalSecurityContextHolderStrategy 类,简单实现。
*/
public class SecurityContextHolder {
private static final ThreadLocal<SecurityContext> securityContext = new ThreadLocal<SecurityContext>();
public static void setContext(SecurityContext context) {
securityContext.set(context);
}
public static SecurityContext getContext() {
SecurityContext ctx = securityContext.get();
// 为空时,设置一个空的进去
if (ctx == null) {
ctx = new SecurityContext(null);
securityContext.set(ctx);
}
return ctx;
}
public static void clear() {
securityContext.remove();
}
}

66
user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/interceptor/SecurityInterceptor.java Normal file
View File

@@ -0,0 +1,66 @@
package cn.iocoder.mall.user.sdk.interceptor;
import cn.iocoder.common.framework.exception.ServiceException;
import cn.iocoder.mall.user.sdk.annotation.PermitAll;
import cn.iocoder.mall.user.sdk.context.SecurityContext;
import cn.iocoder.mall.user.sdk.context.SecurityContextHolder;
import cn.iocoder.mall.user.service.api.OAuth2Service;
import cn.iocoder.mall.user.service.api.dto.OAuth2AuthenticationDTO;
import com.alibaba.dubbo.config.annotation.Reference;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 安全拦截器
*/
@Component
public class SecurityInterceptor extends HandlerInterceptorAdapter {
@Reference
private OAuth2Service oauth2Service;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 校验访问令牌是否正确。若正确,返回授权信息
String accessToken = obtainAccess(request);
OAuth2AuthenticationDTO authentication = null;
if (accessToken != null) {
authentication = oauth2Service.checkToken(accessToken);
// 添加到 SecurityContext
SecurityContext context = new SecurityContext(authentication.getUid());
SecurityContextHolder.setContext(context);
}
// 校验是否需要已授权
HandlerMethod method = (HandlerMethod) handler;
boolean isPermitAll = method.hasMethodAnnotation(PermitAll.class);
if (!isPermitAll && authentication == null) {
throw new ServiceException(-1, "未授权"); // TODO 这里要改下
}
return super.preHandle(request, response, handler);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
// 清空 SecurityContext
SecurityContextHolder.clear();
}
private String obtainAccess(HttpServletRequest request) {
String authorization = request.getHeader("Authorization");
if (!StringUtils.hasText(authorization)) {
return null;
}
int index = authorization.indexOf("Bearer ");
if (index == -1) { // 未找到
return null;
}
return authorization.substring(index + 7).trim();
}
}

6
user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/package-info.java Normal file
View File

@@ -0,0 +1,6 @@
/**
* 提供 SDK 给其它服务,使用如下功能:
*
* 1. 通过 {@link } 拦截器,
*/
package cn.iocoder.mall.user.sdk;